<?php

class user_login
{
    var $mess;
    var $renderLogin;
    
    function user_login()
    {
        global $lang, $db;
        
		include_once("includes/addMessage.php");
        
		if(isset($_POST['doLogin']) ? true : false)
		{
    		if ( !defined('IN_LC') )
    		{
    			die('Hacking attempt_l');
    		}
            
			$success = false;/*
			global  $www_forums;

			define('IN_PHPBB', true);
  			
			$phpbb_root_path = $www_forums;
			$phpEx = 'php';
			include('common.php');
			
			$user->session_begin();
			$auth->acl($user->data);
			$username = request_var($_POST['txtUsername'], '', true);
			$password = request_var($_POST['txtPassword'], '', true);
			
			$result = $auth->login($username, $password);
			
			print_r($result);
			*/
			if (isset($_POST["txtUsername"]) && isset($_POST["txtPassword"]))
			{
				// Create query
				$q = "SELECT *, pf_drivername AS user_drivername " . 
					"FROM ". USERS_TABLE . ' u, '. USERSGROUPS_TABLE . ' g, ' . DRIVERNAME_TABLE . ' d 
							LEFT JOIN  ' . LCUSERS_TABLE . " lu ON  lu.u_id = d.user_id 
                     WHERE u.username='".$_POST["txtUsername"]."' AND u.user_id = d.user_id 
                            AND g.group_id = 3 AND g.user_id = u.user_id 
					 LIMIT 0,1";

				// Run query
				$res = $db->sql_query($q);
				if ( $row = $db->sql_fetchrow($res) )
				{
					if(phpbb_check_hash($_POST["txtPassword"], $row['user_password']))
					{

						// Login good, create session variables
						$_SESSION["valid_id"] = $row['user_id'];
						$_SESSION["valid_user"] = $row["username"];
						$_SESSION["valid_driver"] = $row["user_drivername"];
						$_SESSION["valid_time"] = time();
						$_SESSION["valid_admin"] = $row["u_admin"] == '' ? 0 : $row["u_admin"];
						
						$sessionID = createString(32);
						$updateQ = "Update " . USERS_TABLE . " Set lc_sessionid = '" . $sessionID . "' Where user_id = " . $row['user_id'];
						$insertQ = "INSERT IGNORE INTO " . LCUSERS_TABLE . " (u_id, u_license) 
									SELECT " . $row['user_id'] . ", l_id 
									FROM " . LICENSES_TABLE . " WHERE l_default = 1";
						$db->sql_query($updateQ);
						$db->sql_query($insertQ);
						$x = setcookie("sessionID", $sessionID, time()+60*60*24*7);
						$y = setcookie("userID",  $row['user_id'], time()+60*60*24*7);
						$success = $x && $y;
					}
				}
			}
                        
			if($success)
			{
				
				$this->mess = new addMessage(str_replace('{LOGGEDIN_USER}', $_SESSION["valid_driver"], $lang['LoginSuccess']),
										$lang['LoginSuccessTitle']);
				$this->renderLogin = false;
			}
			else
			{
				$this->mess = new addMessage($lang['LoginFailure'] . '<br>' . $lang['LoginText'],
										$lang['LoginFailureTitle']);
                $this->renderLogin = true;
			}
			
		}
		else
		{
			$this->mess = new addMessage($lang['LoginText'],$lang['LoginTextTitle']);
            $this->renderLogin = true;
		}
	}

	function render()
	{
		
		global $skin_dir, $lang;
		
		$this->mess->render();
		if($this->renderLogin)
        {
            include_once($skin_dir.'tpl/loginForm.tpl');
		}
	}
}
?>